On Thu, 04 Oct 2001, Philip S Tellis spewed into the ether:
On Tue, 2 Oct 2001, abhijeet wrote:
1.> If the mail server doesn't check who i am when accepting a message for delivery......doesn't that mean that anybody could use somebody else's mail id to send mail????
Yes. Try it and see. That's how spammers send you mail, that's how email is forged, that's the reason why you should digitally sign your emails with a PGP/GPG signature that only you have.
This depends on how the mail server is configured. Normally, your mail server is configured to relay anything from a particular range of ip addresses, and drop everything else. <snip>
Some strict settings on the mail server, but they could annoy legitimate users. Remember how we all reacted when vsnl blocked non-vsnl users from sending mail.
Use SMTP AUTH or POP before SMTP.
Basically, don't allow relay from any address not in your domain, unless the destination address is in your domain. This could be fixed by having your users' smtp server different from your actual mailhost - the one with the MX entry in your DNS.
Relay from, or relay to? You relay to everything in your domain, and for everyone in your ip block.
Check the IP of the source host. Don't allow relay from any host that doesn't have a DNS entry, and isn't from your IP pool.
Thats a bit strict, plenty of people don't fix their DNS for dialups. Its a useful spam block though :).
Devdas Bhagat